Skip to main content

How to protect your company from fraud and scams

Posted by: , Posted on: - Categories: Company guidance, Starting a business

Setting up a company is extremely busy. There’s a lot to do - new processes, account filings, tax and much more.

It’s also important to remember to keep your new company protected. Here are some measures to consider when protecting your company from fraud, scams and identity theft, and how to report them.

There are 3 main ways to protect your company.


1. Register to file online

Keep your authentication code safe

Your authentication code is a 6-digit alphanumeric code issued by Companies House to each company. This code is used to authorise information filed online, acting as an equivalent to a company officer’s signature.

Keep your code safe to avoid any fraudulent changes to the company. If you change your code to something more memorable, mix letters and numbers so your code is hard to guess.

To protect your code:

  • only share your code with someone you trust to file information for your company
  • change your code if it becomes known by someone you do not trust
  • change your code if it’s known by someone no longer authorised to file information for your company

Our PROOF scheme

Our protected online filing scheme (PROOF) can help protect your company from unauthorised changes by preventing the filing of certain paper forms. This can include changes to your registered office address, changes to your officers’ information and your confirmation statement.

When you sign up, any forms covered by PROOF can only be filed online. This helps to prevent company hijacking by fraudsters through the changing of company details, which leaves the company vulnerable to further fraudulent activity.

Use the Follow service

Follow is a free service from Companies House that allows you to receive email alerts of company transactions. These emails include a link to the filing history of the company you are following, which you can download for free.

You can follow any company registered at Companies House, but for added security you can choose to follow your own company. If you are a company director or auditor, Follow is a quick and convenient way to keep track of changes to your company. You will be alerted to filings as soon as they have been accepted.


2. Take appropriate security precautions

Choose the right correspondence address

You do not need to use your home address as your correspondence (service) address, or your company’s registered office address.

If a director chooses to use their home address as their service address or the company’s registered office address, it will appear on the public Companies House register and cannot be removed from records. Keep this in mind when choosing your correspondence address.

Check website addresses are genuine

If you receive a suspicious email with a link to a web page that asks for your email address and password, it may be a scam.  If you receive a suspicious email with an attachment asking you to enter personal information such as an authorisation code, forward it to and then delete it.

Be aware of scam emails and telephone calls

Companies House will never contact you by email or telephone to ask for secure information about your company such as authentication codes. Do not open any attachments or disclose personal information.


3. Report any suspected fraud

If you receive a suspicious letter, invoice or telephone call, contact us immediately on 0303 1234 500.

Action Fraud is the national fraud and cyber-crime reporting centre for the police. If your details have been used without your consent, or you suspect fraudulent activity, report it to Action Fraud or call 0300 123 2040.

The National Cyber Security Centre provide information and advice on how to improve your online security. To find out more, visit:

  • the Small Business Guide, which explains how to improve your cyber security and has affordable, actionable advice for organisations
  • Early Warning, which helps organisations investigate cyber-attacks by notifying them of malicious activity that has been detected in information feeds; any UK organisation with a static IP address or domain name can sign up to use Early Warning.

Sharing and comments

Share this page


  1. Comment by Dave posted on

    I need assistance with investigating a suspected fraud on the Shareholders in a local PLC. I have proof that a catalogue of laws have been broken and a multitude of misdemeanours have occurred over the last couple of years which have not been resolved - COVID being the main delaying tactics. It appears to be an almost impossible task to find any authority capable of ensuring that the law is enforced.

  2. Comment by Dave posted on

    I contacted enquiries at Companies House and my last response was a request for feedback re: RP02a_V4.0 uploaded on 14/1/22 which I have not yet received. I also contacted the Financial Ombudsman who responded, "We have looked over the information that you have provided, and it doesn’t appear your complaint is one we can help with."

    Companies House sets the rules through the Companies Act but will not enforce them, nor will they investigate any suspected wrong-doing.

    • Replies to Dave>

      Comment by asoullier posted on

      Thanks Dave. We will follow this up with our customer services team.

  3. Comment by J.M. Harnett posted on

    Companies House security is not fit for purpose in my view. As company secretary, I complied with all requirements, including online submission of Member-approved directors and annual accounts. But fraud was committed by an existing director who submitted forms containing my name as the 'proposer' without my knowledge or approval.. As soon as accepted by CoHo, the person 'terminated' me as CoSec. Members funds now being used for unlawful purposes - including paying for meaningless 'CoHo Certificates' which supposedly legitimise a company's credentials but actually support fraud!!! Companies House - needs to be far more vigilant and prosecute fraudsters...not deny any liability!!

    • Replies to J.M. Harnett>

      Comment by asoullier posted on

      Thank you for response. We will follow this up with our customer services team.

  4. Comment by Dave posted on

    Thanks to asoullier for following this up.

    In response to J.M. Harnett, I too was fraudulently terminated along with a co-director because we spoke up about illegal goings on.